//引入数据库连接模块
const conn = require('../db/db.js');
//引入moment模块
const moment = require('moment');
//引入bcrypt加密模块
const bcrypt = require('bcrypt');
//注册
const ctrl = {
    showRegister: (req, res) => {
        res.render('./user/register.ejs', {});
    },
    showLogin: (req, res) => {
        res.render('./user/login.ejs', {});
    },
    register: (req, res) => {
        let user = req.body;
        //console.log(user);//{ username: 'wp', password: '123456', nickname: 'dfg' }
        //写sql语句查询是否已经有此名字
        let sql1 = `select count(*) as count from blog_users where username='${user.username}'`;
        // console.log(user.username); 
        //执行sql语句
        conn.query(sql1, (err, result) => {
            if (err) return res.send({
                status: 500,
                message: err.message
            });
            if (result[0].count == 1) return res.send({
                status: 501,
                message: '名字已经被用'
            });
            //如果都没问题就写sql语句添加到数据库中
            user.ctime = moment().format('YYYY-MM-DD HH:mm:ss');
            //在执行sql语句添加到数据库之前需要对密码进行加密操作
            bcrypt.hash(user.password, 10, (err, pwd) => {
                //saltRounds 循环的次幂  pwd 加密过后的密码
                if (err) return res.send({
                    status: 503,
                    message: '注册失败'
                });
                //如果成功则将新的密码赋值给user.password
                user.password = pwd;
                let sql2 = `insert into blog_users set ?`;
                conn.query(sql2, user, (err, result) => {
                    if (err) return res.send({
                        status: 502,
                        message: err.message
                    });
                    res.send({
                        status: 200,
                        message: '注册成功'
                    });
                })
            })

        })
    },
    login: (req, res) => {
        //获取登录数据
        let userLogin = req.body;
        //因为密码是加密之后的而用户输入的登录密码是未加密的如果直接匹配是匹配不到的需要解密匹配
        // bcrypt.compare('登录密码','加密密码',(err,compareResult) => {});
        //先以用户名查询到对应的用户在使用compare方法
        // console.log(userLogin.username);
        
        let sqlName = `select * from blog_users where username='${userLogin.username}'`;
        conn.query(sqlName, (err, result) => {
            if (err) return res.send({
                status: 500,
                message: err.message
            });
            if (result.length == 0) return res.send({
                status: 501,
                message: '用户名不正确'
            });
            //如果找到了用户名对应的数据就执行下面的方法
            console.log(userLogin.password,result[0].password);

            bcrypt.compare(userLogin.password, result[0].password, (err, compareResult) => {
                if (err) return res.send({
                    status: 502,
                    message: err.message
                });
                if (!compareResult) return res.send({
                    status: 503,
                    message: '密码错误'
                });
                //登录成功之后就何时一个session来用作以后判断是否登陆过
                req.session.user = result[0];
                req.session.islogin = true;
                res.send({
                    status: 200,
                    message: '登陆成功'
                });
            });
        })

        //------------------不加密的登录操作-----------------------------
        //写sql语句判断用户输入的用户名和密码是否存在
        // let sql = `select * from blog_users where username = '${userLogin.username}' and password = '${userLogin.password}'`;
        // conn.query(sql, (err, result) => {
        //     if (err) return res.send({
        //         status: 500,
        //         message: err.message
        //     });
        //     if (result.length == 0) return res.send({
        //         status: 501,
        //         message: '用户名或者密码错误'
        //     });

        // })
    },
    loginout: (req, res) => {
        req.session.destroy(function () {
            res.redirect('/login'); //重新跳转
        })
    }
}
//导出Ctrl
module.exports = ctrl;